Show TOC

LDAP Login Policy OptionsLocate this document in the navigation structure

Available login policy options for LDAP user authentication

Option Description
LDAP_PRIMARY_SERVER Specifies the name of the primary LDAP server. 
  • Values n/a
  • Default None
  • Applies to All users.
LDAP_SECONDARY_SERVER Specifies the name of the secondary LDAP server. 
  • Values n/a
  • Default None
  • Applies to All users.
LDAP_AUTO_FAILBACK_PERIOD Specifies the time period, in minutes, after which automatic failback to the primary server is attempted.
  • Values 0 - 2147483647
  • Default 15 minutes
  • Applies to All users.
LDAP_FAILOVER_TO_STD Permits authentication with standard authentication when authentication with the LDAP  server fails due to system resources, network outage, connection timeouts, or similar system failures.  However, it does not permit an actual authentication failure returned from an LDAP server to fail over to standard authentication.
  • Values ON, OFF
  • Default ON
  • Applies to All users.
LDAP_REFRESH_DN Updates the ldap_refresh_dn value in the ISYSLOGINPOLICYOPTION system table with the current time, stored in Coordinated Universal Time (UTC).

Each time a user authenticates with LDAP, if the value of ldap_refresh_dn in ISYSLOGINPOLICYOPTION is more recent than the value of user_dn in ISYSUSER, a search for a new user DN occurs. The user_dn value is then updated with the new user DN and the user_dn_changed_at value is again updated to the current time.

  • Values NOW
  • Initial value for ROOT policy NULL
  • Initial value for user-defined login policy Current time stored in UTC
  • Applies to All users.